Symbolic Data Structure for sets of k-uples of integers
|
|
- Jessica Wright
- 6 years ago
- Views:
Transcription
1 Symbolic Data Structure for sets of k-uples of integers Pierre Ganty 1, Cédric Meuter 1, Laurent Van Begin 1, Gabriel Kalyon 1, Jean-François Raskin 1, and Giorgio Delzanno 2 1 Département d Informatique, Université Libre de Bruxelles 2 Dipartimento di Informatica e Scienze dell Informazione, Università degli Studi di Genova Abstract. In this document we present a new symbolic data structure dedicated to the manipulation of (possibly infinite) sets of k-uples over integers, initially introduced in [Gan02]. This new data structure called Interval Sharing Tree (IST), is based on sharing trees [ZL95] where each node is labelled with an interval of integers. We present symbolic algorithm on IST for standard set operations and also introduce some specific operation that can be useful in the context of model-checking. 1 Introduction Many systems like multi-threaded programs and communication protocols are very complex to devise, hence error prone. For almost three decades a lot of research has been done in order to formalize and prove or refute properties on such systems. Given a formal description M of the system, we apply model checking methods [CGP99] to verify automatically that some properties hold on M. Those automatic methods manipulate (possibly) infinite sets of configurations of M. In model checking one problem we face off is the state explosion problem. This problem corresponds to a blow up in the size of the sets of configurations being manipulated. One way to overcome that problem is to use a compact symbolic representation of those sets. In our context assuming that those configurations are k-uples over integers, we define Interval Sharing Tree (IST) [Gan02] which is a symbolic representation of sets of k-uples. ISTs are directed acyclic graphbased data structures, where nodes are labelled with intervals of integers. This symbolic data structure benefits from several advantages. First, algorithms can be defined to manipulate ISTs symbolically (i.e. without exploring all path of the graph). Second, the size of an IST I may be exponentially smaller than the size of the set of k-uples it represent. Finally, an IST I can be (semantically) nondeterministic whereas other approaches facing to the state explosion problem traditionally use deterministic data structures (e.g. sharing trees [ZL95], BDD [CGP99],...), thus allowing I to be more compact. The remainder of this document is structured as follows. First, in sec. 2, we introduce interval sharing trees and their semantics. We follow up, in sec. 3,
2 by presenting symbolic algorithms for manipulating this data structure. Finally, in sec. 4, we conclude by presenting a summary of all operations and their complexity. 2 Interval Sharing Tree In the following, Z denotes the set of integers and Z = Z {, + }. The classical order over integer is exted to Z in the usual way: c Z : < c < +. An interval is a pair a, b Z Z such that a b, noted [a, b]. As usual, an interval a, b denotes the set {c Z a c b}. Hence, c [a, b] means that c is in the set corresponding to [a, b]. We note I the set of all intervals. Moreover, we note (a, b] = [a, b] \ {a} and [a, b) = [a, b] \ {b}. Definition 1 (Interval Sharing Tree). An interval sharing tree (IST in short) I, is a labelled directed rooted acyclic graph N, ι, succ where: N = N 0 N 1 N 2... N k N k+1 is the finite set of nodes, partitioned into k + 2 disjoint subsets N i called layers with N 0 = {root} and N k+1 = {} ι : N I {, } is the labelling function such that ι(n) = (resp. ) if and only if n = root (resp. ). succ : N 2 N is the successor function such that: (i) succ() = (ii) i [0, k], n N i : succ(n) N i+1 succ(n) (iii) n N, n 1, n 2 succ(n) : (n 1 n 2 ) (ι(n 1 ) ι(n 2 )) (iv) i [0, k], n 1 n 2 N i : (ι(n 1 ) = ι(n 2 )) (succ(n 1 ) succ(n 2 )) In other words, an IST is a directed acyclic graph where the nodes are labelled with intervals except for two special nodes (root and ), such that (i) the node has no successors, (ii) all nodes from layer i have their successors in layer i+1, (iii) a node cannot have two successors with the same label, (iv) two nodes with the same label in the same layer do not have the same successors. Condition (iii) ensures maximal prefix sharing, i.e. the IST is syntactically deterministic. It does not mean that an IST is semantically deterministic, i.e. a node may have two distinct successors labeled with intervals that are not disjoint. Condition (iv) ensures maximal suffix sharing. If a graph satisfies all condition of definition 1 by those two condition, it is called a pre-ist. A path of an IST is a k-uple n 1, n 2,..., n k such that n 1 succ(root), succ(n k ) and i [1, k) : n i+1 succ(n i ). Given an IST I, we note path(i), the set of path of I. The semantics of an IST I, noted [I ] is the set {x Z k n 1,..., n k path(i), i [1, k] : x i ι(n i )}. 3 Operations on IST In this section we present the operations on IST. Those operation are symbolic, i.e. they work on the tree instead of the set of k-uples that are represented.
3 We start in sec. 3.1 by introducing some preliminary operations that will later on. Then, in sec. 3.2, we introduce basic set operations, i.e. emptiness test, membership test, union, intersection and complement. Finally, in sec. 3.3, we present some operations that are useful in the context of model-checking, namely substitution and downward closure. 3.1 Preliminary operations Prefix sharing Given a pre-ist I with k layers, we want to modify I so that it satisfies condition (iii) of definition 1. The idea is to traverse the sharing tree layer-by-layer and to determinize syntactically the nodes of each layer. This algorithm has a wost-case time complexity of O(2 I ). Note however, that this algorithm returns a pre-ist satisfying condition iii, but not necessarily condition (iv). Algorithm 1: enforceprefixsharing(i, k) data: I = N, ι, succ, k N post: n N, n 1, n 2 succ(n) : (n 1 n 2 ) (ι(n 1 ) ι(n 2 )) for i 0 to k do forall n N i do S forall I I s.t. n succ(n) : ι(n ) = I do let n be a new node succ(n ), ι(n ) I forall n succ(n) s.t. ι(n ) = I do succ(n ) succ(n ) succ(n ) N i+1 N i+1 {n } S S {n } succ(n) S Suffix sharing Given a pre-ist I with k layers, we want to transom I so that it satisfies condition (iv) of definition 1. The idea is to traverse the sharing tree layer-by-layer (bottom-up). When we encounter two nodes in same layer with same label and with the same set of sons, we delete one of them (the other one takes its place). Note that this operation preserves condition iii. Therefore, if one wants to enforce both conditions, one must start with enforceprefixsharing().
4 Algorithm 2: enforcesuffixsharing(i, k) data: I = N, ι, succ, k N post: i [0, k], n 1 n 2 N i : (ι(n 1 ) = ι(n 2 )) (succ(n 1 ) succ(n 2 )) for i k downto 1 do forall n N i do forall n N i \ {n} s.t. ι(n) = ι(n ) succ(n) = succ(n ) do forall n N i 1 s.t. n succ(n ) do succ(n ) (succ(n ) \ {n }) {n} N i N i \ {n } Algorithm 3: determinize(i, k) data: I = N, ι, succ, k N post: n N, n 1 n 2 succ(n) : ι(n 1 ) ι(n 2 ) = for i 0 to k do forall n N i s.t. n 1 n 2 succ(n) : ι(n 1 ) ι(n 2 ) do let n be a new node ι(n ) ι(n) forall n N s.t. n succ(n ) do succ(n ) succ(n ) {n } \ {n} L {ι(n ) n succ(n)} let L 2 I be the smallest partition of I L I forall I L do let s be a new node forall t succ(n) s.t. I ι(t) do succ(s) succ(s) succ(t) ι(s) I succ(n ) succ(n ) {s} N i+1 N i+1 {s} N i N i {n } \ {n} enforcesuffixsharing(i, k) Determinization Given an IST I with k layers, we want to eliminate from I the semantical non-determinism that can arise in the successors of a given node while preserving [I ]. After the determinization of a sharing tree, the intevals defined by the successors of any node must be disjoint. The idea of the algorithm is to traverses the sharing tree layer-by-layer and for each node n, compute a new set of disjoint intervals. Then, we create a node s for each such interval and we compute the successors of s, i.e. the successors of nodes that belongs to succ(n)
5 and that have a label containing the label of s. This algorithm has a worst-case complexity of O(2 I ). 3.2 Set operations Emptiness Given an IST I with k layers, we want to decide if [[I ] = holds. The algorithm for that is very simple. Indeed, [I ] = if and only if succ(root) =. This algorithm has a worst-case time complexity of O(1). Algorithm 4: empty(i, k) data : I = N, ι, succ, k N returns: true if and only if [I ] = return succ(root) = Membership Given an IST I with k layers and a k-uple x = x 1,..., x k Z k, we want to determine if x [I ] holds. For that, we present an algorithm for that problem adapted from Covering Sharing Trees [Van03,DRV04] that has a worst-case time complexity O( I ). The algorithm is based on a layer-by-layer traversal of the graph. We first mark the root node of I. Then for each layer i [1, k + 1], we mark all nodes n N i such that x i ι(n) and such that n has a marked predecessor. At the of this procedure, x I holds if and only if the node has at least one marked predecessor. Algorithm 5: memberof(i, k, x) data : I = N, ι, succ, k N, x Z k returns: true if and only if x [I ] holds M {root} for i 1 to k do forall n N i do if (x i ι(n)) ( n M : n succ(n )) then M M {n} return ( n M : succ(n)) Intersection Given two IST I 1, I 2 with k layers, we want to compute an IST I such that [[I ] = [I 1 ] [I 2 ]. The algorithm is adapted from the the algorithm computing the synchronized product of finite automata. Each node in this product is a pair of node from both I 1 and I 2. In this particular case, the interval
6 of a node n 1, n 2 in the product is the intersection of the interval of n 1 and n 2. Unfortunately, this can introduce some prefix and/or suffix redundancy, thus violating conditions (iii) and/or (iv) of definition 1. Therefore, we must enforce those two conditions in the algorithm to turn the resulting pre-ist into an IST. For this reason, this algorithm has a worst-case time complexity of O(2 I1 I2 ). It was proven in [Van03, thm. 20, 21] that for Covering Sharing Trees, which is a subclass of IST, no polynomial algorithm exists for that problem. Algorithm 6: intersection(i 1, I 2, k) data : I 1 = N 1, ι 1, succ 1, I 2 = N 2, ι 2, succ 2, k N returns: I s.t. [I ] = [I 1 ] [I 2 ] I N 0... N k+1, ι, succ for i 0 to k do N i N k+1 { 1, 2 } ι( 1, 2 ) for i k downto 1 do forall n 1, n 2 N1 k N2 k s.t. ι 1 (n 1 ) ι 2 (n 2 ) do ι( n 1, n 2 ) ι 1 (n 1 ) ι 2 (n 2 ) succ( n 1, n 2 ) N k+1 (succ 1 (n 1 ) succ 2 (n 2 )) if succ( n 1, n 2 ) then N k N k { n 1, n 2 } N 0 { root 1, root 2 } ι( root 1, root 2 ) succ( root 1, root 2 ) N 1 enforceprefixsharing(i, k) enforcesuffixsharing(i, k) return I Union Given two IST I 1, I 2 with k layers, we want to compute an IST I such that [I ] = [I 1 ] [I 2 ]. This can be done using the algorithm to compute the union of two sharing trees defined in [ZL95]. This algorithm uses two recursive functions recunion() and reccopy(). The function recunion() computes the union of a sub-tree of I 1 rooted in n 1 and a sub-tree of I 2 rooted in n 2. The roots of these sub-trees must have the same labels. The function reccopy() copies a sub-tree of I 1 or I 2 in I. Those two function make use of a hashing table T to remember previous computations. When the union of two sub-trees rooted respectively in n 1 and n 2 is computed and added in I, the resulting node is stored in T, indexed by the pair n 1, n 2. Similarly, when a sub-tree rooted in n is copied in I, the copied node is stored in T, indexed by the pair n, n. This is essential in order treat every pair of nodes only once, thus allowing a polynomial
7 complexity. Note that condition iv does not necessarily holds on the result and must therefore be enforced. This algorithm has a worst-case time complexity of O(( I 1 + I 2 ) 3 ). Algorithm 7: recunion(n 1, n 2, i) if T (n 1, n 2 ) is defined then n T (n 1, n 2 ) else let n be a new node ι(n) ι 1 (n 1 ) N i N i {n} forall n 1 succ 1 (n 1 ) do if n 2 succ 2 (n 2 ) s.t. ι 1 (n 1) = ι 2 (n 2) then succ(n) succ(n) {recunion(n 1, n 2, i + 1)} else succ(n) succ(n) {reccopy(n 1, 1, i + 1)} forall n 2 succ 2 (n 2 ) do if n 1 succ 1 (n 1 ) : ι 1 (n 1) ι 2 (n 2) then succ(n) succ(n) {reccopy(n 2, 2, i + 1)} T (n 1, n 2 ) n return n Algorithm 8: reccopy(n, x, i) if T (n, n) is defined then n T (n, n) else let n be a new node ι(n ) ι x (n) N i N i {n } forall n succ x (n) do succ(n ) succ(n ) {reccopy(n, x, i + 1)} T (n, n) n return n
8 Algorithm 9: union(i 1, I 2, k) data: I 1 = N 1, ι 1, succ 1, I 2 = N 2, ι 2, succ 2, k N returns: I s.t. [I ] = [I 1 ] [I 2 ] I N 0... N k+1, ι, succ forall i 0 to k do N i recunion(root 1, root 2, 0) enforcesuffixsharing(i, k) return I Algorithm 10: complement(i, k) data : I = N, ι, succ, k N returns: I 1 such that [I 1 ] = Z k \ [I ] I 1 I determinize(i 1 ) M N k 1 1 for i 0 to k do forall n N i 1 do L {ι 1 (n ) n succ 1 (n)} let L 2 I be the smallest partition of Z \ ( I L I) forall I L do let n be a new node ι 1 (n ) I, succ 1 (n) succ 1 (n) {n } forall n M do succ 1 (n) ; N i+1 1 N i+1 1 {n } forall n N k 1 1 \ M do succ 1 (n) 1 for i k downto 1 do forall n N i do if succ 1 (n) = then N i 1 N i 1 \ {n} forall n N i 1 s.t. n succ 1 (n ) do succ 1 (n ) succ 1 (n ) \ {n} enforcesuffixsharing(i 1, k) return I 1
9 Complement Given an IST I with k layers, we want to compute an IST I 1 such that [I 1 ] = Z k \ [I ]. First, we take a copy I 1 of I, and determinize it. Then, for each node n of I 1, we complement the set of intervals defined by the successors of n to obtain a partition of Z. We create a new node for each of these new intervals and add these new nodes to succ(n). In fact, these new nodes allow to consider the k-uples that do not belong to [I ]. To delete the k-uples that belong to [I ], we delete the edges between the nodes of the layer N1 k that were copied from I 1 and the node 1. Finally, we delete from the IST all path not ing in Dedicated operations Substitution Given an IST I with k layers, we want to compute an IST I 1 where a certain variable x i is replaced by x i + d with d Z. Formally, we want that [[I 1 ] = [I ] [xi+d/x i] = { x 1,..., x i + d,..., x k x I}. This operation can be done very simply, by shifting all interval of layer i. Note that this transformation does not violate condition (iv) of (iii). Algorithm 11: substitution(i, k, i, d) data : I = N, ι, succ, k N, i [1, k], d Z returns: I 1 s.t. [I 1 ] = [I ] [xi+d/x i] I 1 N, ι 1, succ forall n N \ N i do ι 1 (n) ι(n) forall n N i do l, u ι(n) ι 1 (n) l + d, u + d return I 1 Downward Closure Given a subset S Z k, the downward closure of S, noted S is the set with k-uple smaller than a k-uple of S. Formally, S = {x Z k x S i [1, k] : x i x i }. Hence, given an IST I with k layers, we want to compute an IST I 1 such that [I 1 ] = [I ]. The algorithm works as follows. The left bound of all nodes is set to. This transformation can introduce some prefix and/or suffix redundancy, thus violating conditions (iii) and/or (iv) of definition 1. Therefore, we must enforce those two conditions in the algorithm. The algorithm has a worst-time complexity O(2 I ).
10 Operation Effect Complexity enforceprefixsharing(i, k) enforce condition (iii) on I O(2 I ) enforcesuffixsharing(i, k) enforce condition (iv) on I O(( I ) 2 ) determinize(i, k) semantically determinize I O(2 I ) empty(i, k) test if [[I]] = holds O(1) memberof(i, k, x) test if x [[I]] holds O( I ) union(i 1, I 2, k) compute I s.t. [[I]] = [[I 1]] [[I 2]] O(( I 1 + I 2 ) 3 ) intersection(i 1, I 2, k) compute I s.t. [[I]] = [[I 1]] [[I 2]] O(2 I 1 I 2 ) substitution(i, k, i, d) computes I 1 s.t. [[I 1]] = [[I]] [xi +d/x i ] O( I ) complement(i, k) compute I 1 s.t. [[I 1]] = Z k \ [[I]] O(2 I ) downwardclosure(i, k) compute I 1 s.t. [[I 1]] = [[I]] O(2 I ) Table 1. Operations on IST and their complexity Algorithm 12: downwardclosure(i, k) data : I = N, ι, succ, k N returns: I 1 s.t. [I 1 ] = [I ] forall n N do l, u ι(n) ι 1 (n), u I 1 N, ι 1, succ enforceprefixsharing(i 1 ) enforcesuffixsharing(i 1 ) return I 1 4 Conclusion In this paper, we defined a symbolic data structure for sets of k-uples of integers, called Interval Sharing Trees. We presented algorithms in order to manipulate this data structure symbolically. Those operations include traditional set operations as well as specific operation dedicated to model-cheking, and are summarized, along with complexity in tab. 1. References [CGP99] Edmund M. Clarke, Orna Grumberg, and Doron Peled. Model checking. MIT Press, Cambridge, MA, USA, [DRV04] Giorgio Delzanno, Jean-Francois Raskin, and Laurent Van Begin. Covering sharing trees: A compact data structure for parameterized verification. Software Tools for Technology Transfer manuscript, 2004.
11 [Gan02] Pierre Ganty. Algorithmes et structures de données efficaces pour la manipulation de contraintes sur les intervalles. Master s thesis, Université Libre de Bruxelles, [Van03] Laurent Van Begin. Efficient Verification of Counting Abstractions for Parametric systems. PhD thesis, Université Libre de Bruxelles, [ZL95] Denis Zampunieris and Baudouin Le Charlier. Efficient handling of large sets of tuples with sharing trees. In Proceedings of the 5th Data Compression Conference (DCC 95), page 428. IEEE Computer Society Press, 1995.
Antichain Algorithms for Finite Automata
Antichain Algorithms for Finite Automata Laurent Doyen 1 and Jean-François Raskin 2 1 LSV, ENS Cachan & CNRS, France 2 U.L.B., Université Libre de Bruxelles, Belgium Abstract. We present a general theory
More informationExpand, Enlarge, and Check
Expand, Enlarge, and Check New algorithms for the coverability problem of WSTS G. Geeraerts 1, J.-F. Raskin 1, L. Van Begin 1,2 Département d Informatique, Université Libre de Bruxelles Boulevard du Triomphe,
More informationPairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events
Pairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events Massimo Franceschet Angelo Montanari Dipartimento di Matematica e Informatica, Università di Udine Via delle
More informationLecture Notes on Emptiness Checking, LTL Büchi Automata
15-414: Bug Catching: Automated Program Verification Lecture Notes on Emptiness Checking, LTL Büchi Automata Matt Fredrikson André Platzer Carnegie Mellon University Lecture 18 1 Introduction We ve seen
More informationPairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events
Pairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events Massimo Franceschet Angelo Montanari Dipartimento di Matematica e Informatica, Università di Udine Via delle
More informationIntroduction. Büchi Automata and Model Checking. Outline. Büchi Automata. The simplest computation model for infinite behaviors is the
Introduction Büchi Automata and Model Checking Yih-Kuen Tsay Department of Information Management National Taiwan University FLOLAC 2009 The simplest computation model for finite behaviors is the finite
More informationAutomata, Logic and Games: Theory and Application
Automata, Logic and Games: Theory and Application 1. Büchi Automata and S1S Luke Ong University of Oxford TACL Summer School University of Salerno, 14-19 June 2015 Luke Ong Büchi Automata & S1S 14-19 June
More informationDistribution of reactive systems
UNIVERSITÉ LIBRE DE BRUXELLES Faculté des Sciences Département d Informatique Distribution of reactive systems MEUTER Cédric Mémoire présenté vue de l obtention du diplome d étude approfondie en informatique
More informationBinary Decision Diagrams. Graphs. Boolean Functions
Binary Decision Diagrams Graphs Binary Decision Diagrams (BDDs) are a class of graphs that can be used as data structure for compactly representing boolean functions. BDDs were introduced by R. Bryant
More informationSETH FOGARTY AND MOSHE Y. VARDI
BÜCHI COMPLEMENTATION AND SIZE-CHANGE TERMINATION SETH FOGARTY AND MOSHE Y. VARDI Department of Computer Science, Rice University, Houston, TX e-mail address: sfogarty@gmail.com Department of Computer
More informationAutomata-based Verification - III
COMP30172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20: email: howard.barringer@manchester.ac.uk March 2009 Third Topic Infinite Word Automata Motivation Büchi Automata
More informationSanjit A. Seshia EECS, UC Berkeley
EECS 219C: Computer-Aided Verification Explicit-State Model Checking: Additional Material Sanjit A. Seshia EECS, UC Berkeley Acknowledgments: G. Holzmann Checking if M satisfies : Steps 1. Compute Buchi
More informationOn the Average Complexity of Brzozowski s Algorithm for Deterministic Automata with a Small Number of Final States
On the Average Complexity of Brzozowski s Algorithm for Deterministic Automata with a Small Number of Final States Sven De Felice 1 and Cyril Nicaud 2 1 LIAFA, Université Paris Diderot - Paris 7 & CNRS
More informationTimo Latvala. March 7, 2004
Reactive Systems: Safety, Liveness, and Fairness Timo Latvala March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness 14-1 Safety Safety properties are a very useful subclass of specifications.
More informationBinary Decision Diagrams
Binary Decision Diagrams Logic Circuits Design Seminars WS2010/2011, Lecture 2 Ing. Petr Fišer, Ph.D. Department of Digital Design Faculty of Information Technology Czech Technical University in Prague
More informationModel Checking: An Introduction
Model Checking: An Introduction Meeting 3, CSCI 5535, Spring 2013 Announcements Homework 0 ( Preliminaries ) out, due Friday Saturday This Week Dive into research motivating CSCI 5535 Next Week Begin foundations
More informationPartially Ordered Two-way Büchi Automata
Partially Ordered Two-way Büchi Automata Manfred Kufleitner Alexander Lauser FMI, Universität Stuttgart, Germany {kufleitner, lauser}@fmi.uni-stuttgart.de June 14, 2010 Abstract We introduce partially
More informationBinary Decision Diagrams
Binary Decision Diagrams Binary Decision Diagrams (BDDs) are a class of graphs that can be used as data structure for compactly representing boolean functions. BDDs were introduced by R. Bryant in 1986.
More informationTemporal logics and explicit-state model checking. Pierre Wolper Université de Liège
Temporal logics and explicit-state model checking Pierre Wolper Université de Liège 1 Topics to be covered Introducing explicit-state model checking Finite automata on infinite words Temporal Logics and
More informationSemantic Equivalences and the. Verification of Infinite-State Systems 1 c 2004 Richard Mayr
Semantic Equivalences and the Verification of Infinite-State Systems Richard Mayr Department of Computer Science Albert-Ludwigs-University Freiburg Germany Verification of Infinite-State Systems 1 c 2004
More informationFrom Many Places to Few: Automatic Abstraction Refinement for Petri Nets
Fundamenta Informaticae 88 (2008) 1 27 1 IOS Press From Many Places to Few: Automatic Abstraction Refinement for Petri Nets Pierre Ganty, Jean-François Raskin, Laurent Van Begin Département d Informatique
More informationVariable Automata over Infinite Alphabets
Variable Automata over Infinite Alphabets Orna Grumberg a, Orna Kupferman b, Sarai Sheinvald b a Department of Computer Science, The Technion, Haifa 32000, Israel b School of Computer Science and Engineering,
More informationAutomata-based Verification - III
CS3172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20/22: email: howard.barringer@manchester.ac.uk March 2005 Third Topic Infinite Word Automata Motivation Büchi Automata
More informationBinary Decision Diagrams
Binary Decision Diagrams Literature Some pointers: H.R. Andersen, An Introduction to Binary Decision Diagrams, Lecture notes, Department of Information Technology, IT University of Copenhagen Tools: URL:
More informationAbstractions and Decision Procedures for Effective Software Model Checking
Abstractions and Decision Procedures for Effective Software Model Checking Prof. Natasha Sharygina The University of Lugano, Carnegie Mellon University Microsoft Summer School, Moscow, July 2011 Lecture
More informationReduced Ordered Binary Decision Diagrams
Reduced Ordered Binary Decision Diagrams Lecture #13 of Advanced Model Checking Joost-Pieter Katoen Lehrstuhl 2: Software Modeling & Verification E-mail: katoen@cs.rwth-aachen.de June 5, 2012 c JPK Switching
More informationA Generalization of Cobham s Theorem to Automata over Real Numbers
A Generalization of Cobham s Theorem to Automata over Real Numbers Bernard Boigelot and Julien Brusten Institut Montefiore, B28 Université de Liège B-4000 Liège, Belgium {boigelot,brusten}@montefiore.ulg.ac.be
More informationTree Automata and Rewriting
and Rewriting Ralf Treinen Université Paris Diderot UFR Informatique Laboratoire Preuves, Programmes et Systèmes treinen@pps.jussieu.fr July 23, 2010 What are? Definition Tree Automaton A tree automaton
More informationApproximation Metrics for Discrete and Continuous Systems
University of Pennsylvania ScholarlyCommons Departmental Papers (CIS) Department of Computer & Information Science May 2007 Approximation Metrics for Discrete Continuous Systems Antoine Girard University
More informationSymbolic Model Checking with ROBDDs
Symbolic Model Checking with ROBDDs Lecture #13 of Advanced Model Checking Joost-Pieter Katoen Lehrstuhl 2: Software Modeling & Verification E-mail: katoen@cs.rwth-aachen.de December 14, 2016 c JPK Symbolic
More informationMonotonic Abstraction in Parameterized Verification
Monotonic Abstraction in Parameterized Verification Parosh Aziz Abdulla 1 Department of Information Technology Uppsala University Sweden Giorgio Delzanno 2 Dipartimento Informatica e Scienze dell Informazione
More informationClosure Properties of Regular Languages. Union, Intersection, Difference, Concatenation, Kleene Closure, Reversal, Homomorphism, Inverse Homomorphism
Closure Properties of Regular Languages Union, Intersection, Difference, Concatenation, Kleene Closure, Reversal, Homomorphism, Inverse Homomorphism Closure Properties Recall a closure property is a statement
More informationState-Space Exploration. Stavros Tripakis University of California, Berkeley
EE 144/244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2014 State-Space Exploration Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE
More informationDouble Header. Model Checking. Model Checking. Overarching Plan. Take-Home Message. Spoiler Space. Topic: (Generic) Model Checking
Double Header Model Checking #1 Two Lectures Model Checking SoftwareModel Checking SLAM and BLAST Flying Boxes It is traditional to describe this stuff (especially SLAM and BLAST) with high-gloss animation
More informationFrom Liveness to Promptness
From Liveness to Promptness Orna Kupferman Hebrew University Nir Piterman EPFL Moshe Y. Vardi Rice University Abstract Liveness temporal properties state that something good eventually happens, e.g., every
More informationHelsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66
Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66 Teknillisen korkeakoulun tietojenkäsittelyteorian laboratorion tutkimusraportti 66 Espoo 2000 HUT-TCS-A66
More informationarxiv: v2 [cs.ds] 3 Oct 2017
Orthogonal Vectors Indexing Isaac Goldstein 1, Moshe Lewenstein 1, and Ely Porat 1 1 Bar-Ilan University, Ramat Gan, Israel {goldshi,moshe,porately}@cs.biu.ac.il arxiv:1710.00586v2 [cs.ds] 3 Oct 2017 Abstract
More informationChapter 3 Deterministic planning
Chapter 3 Deterministic planning In this chapter we describe a number of algorithms for solving the historically most important and most basic type of planning problem. Two rather strong simplifying assumptions
More informationMinimization Techniques for Symbolic Automata
University of Connecticut OpenCommons@UConn Honors Scholar Theses Honors Scholar Program Spring 5-1-2018 Minimization Techniques for Symbolic Automata Jonathan Homburg jonhom1996@gmail.com Follow this
More informationChapter 4: Computation tree logic
INFOF412 Formal verification of computer systems Chapter 4: Computation tree logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 CTL: a specification
More informationReduced Ordered Binary Decision Diagrams
Reduced Ordered Binary Decision Diagrams Lecture #12 of Advanced Model Checking Joost-Pieter Katoen Lehrstuhl 2: Software Modeling & Verification E-mail: katoen@cs.rwth-aachen.de December 13, 2016 c JPK
More informationLecture Notes on Model Checking
Lecture Notes on Model Checking 15-816: Modal Logic André Platzer Lecture 18 March 30, 2010 1 Introduction to This Lecture In this course, we have seen several modal logics and proof calculi to justify
More informationarxiv: v2 [cs.fl] 29 Nov 2013
A Survey of Multi-Tape Automata Carlo A. Furia May 2012 arxiv:1205.0178v2 [cs.fl] 29 Nov 2013 Abstract This paper summarizes the fundamental expressiveness, closure, and decidability properties of various
More informationAutomatic Verification of Parameterized Data Structures
Automatic Verification of Parameterized Data Structures Jyotirmoy V. Deshmukh, E. Allen Emerson and Prateek Gupta The University of Texas at Austin The University of Texas at Austin 1 Outline Motivation
More informationA Tableau-Based Decision Procedure for Right Propositional Neighborhood Logic (RPNL )
A Tableau-Based Decision Procedure for Right Propositional Neighborhood Logic (RPNL ) Davide Bresolin Angelo Montanari Dipartimento di Matematica e Informatica Università degli Studi di Udine {bresolin,
More informationFormal Verification of Mobile Network Protocols
Dipartimento di Informatica, Università di Pisa, Italy milazzo@di.unipi.it Pisa April 26, 2005 Introduction Modelling Systems Specifications Examples Algorithms Introduction Design validation ensuring
More informationClock Matrix Diagrams
Clock Matrix Diagrams U N I V E R S I T A S S A R A V I E N I S S Bachelor s Thesis Daniel Fass daniel@react.cs.uni-sb.de Reactive Systems Group Department of Computer Science Universität des Saarlandes
More informationCovering Linear Orders with Posets
Covering Linear Orders with Posets Proceso L. Fernandez, Lenwood S. Heath, Naren Ramakrishnan, and John Paul C. Vergara Department of Information Systems and Computer Science, Ateneo de Manila University,
More information3515ICT: Theory of Computation. Regular languages
3515ICT: Theory of Computation Regular languages Notation and concepts concerning alphabets, strings and languages, and identification of languages with problems (H, 1.5). Regular expressions (H, 3.1,
More informationEnhancing Active Automata Learning by a User Log Based Metric
Master Thesis Computing Science Radboud University Enhancing Active Automata Learning by a User Log Based Metric Author Petra van den Bos First Supervisor prof. dr. Frits W. Vaandrager Second Supervisor
More informationFinite Automata and Languages
CS62, IIT BOMBAY Finite Automata and Languages Ashutosh Trivedi Department of Computer Science and Engineering, IIT Bombay CS62: New Trends in IT: Modeling and Verification of Cyber-Physical Systems (2
More informationA Generalization of Cobham s Theorem to Automata over Real Numbers 1
A Generalization of Cobham s Theorem to Automata over Real Numbers 1 Bernard Boigelot and Julien Brusten 2 Institut Montefiore, B28 Université de Liège B-4000 Liège Sart-Tilman Belgium Phone: +32-43662970
More informationarxiv: v3 [cs.fl] 2 Jul 2018
COMPLEXITY OF PREIMAGE PROBLEMS FOR DETERMINISTIC FINITE AUTOMATA MIKHAIL V. BERLINKOV arxiv:1704.08233v3 [cs.fl] 2 Jul 2018 Institute of Natural Sciences and Mathematics, Ural Federal University, Ekaterinburg,
More informationA New Approach to Upward-Closed Set Backward Reachability Analysis
INFINITY 2004 Preliminary Version A New Approach to Upward-Closed Set Backward Reachability Analysis Jesse Bingham 1,2,3 Department of Computer Science University of British Columbia Vancouver, Canada
More informationarxiv: v1 [cs.ds] 9 Apr 2018
From Regular Expression Matching to Parsing Philip Bille Technical University of Denmark phbi@dtu.dk Inge Li Gørtz Technical University of Denmark inge@dtu.dk arxiv:1804.02906v1 [cs.ds] 9 Apr 2018 Abstract
More informationSymbolic Trajectory Evaluation (STE): Orna Grumberg Technion, Israel
Symbolic Trajectory Evaluation (STE): Automatic Refinement and Vacuity Detection Orna Grumberg Technion, Israel Marktoberdort 2007 1 Agenda Model checking Symbolic Trajectory Evaluation Basic Concepts
More informationEnumeration Schemes for Words Avoiding Permutations
Enumeration Schemes for Words Avoiding Permutations Lara Pudwell November 27, 2007 Abstract The enumeration of permutation classes has been accomplished with a variety of techniques. One wide-reaching
More informationPartial model checking via abstract interpretation
Partial model checking via abstract interpretation N. De Francesco, G. Lettieri, L. Martini, G. Vaglini Università di Pisa, Dipartimento di Ingegneria dell Informazione, sez. Informatica, Via Diotisalvi
More informationRealization Plans for Extensive Form Games without Perfect Recall
Realization Plans for Extensive Form Games without Perfect Recall Richard E. Stearns Department of Computer Science University at Albany - SUNY Albany, NY 12222 April 13, 2015 Abstract Given a game in
More informationCompact Regions for Place/Transition Nets
Compact Regions for Place/Transition Nets Robin Bergenthum Department of Software Engineering and Theory of Programming, FernUniversität in Hagen robin.bergenthum@fernuni-hagen.de Abstract. This paper
More informationLecturecise 22 Weak monadic second-order theory of one successor (WS1S)
Lecturecise 22 Weak monadic second-order theory of one successor (WS1S) 2013 Reachability in the Heap Many programs manipulate linked data structures (lists, trees). To express many important properties
More informationWeak Alternating Automata Are Not That Weak
Weak Alternating Automata Are Not That Weak Orna Kupferman Hebrew University Moshe Y. Vardi Rice University Abstract Automata on infinite words are used for specification and verification of nonterminating
More informationAntichains: A New Algorithm for Checking Universality of Finite Automata
Antichains: A New Algorithm for Checking Universality of Finite Automata M. De Wulf 1, L. Doyen 1, T. A. Henzinger 2,3, and J.-F. Raskin 1 1 CS, Université Libre de Bruxelles, Belgium 2 I&C, Ecole Polytechnique
More informationThe algorithmic analysis of hybrid system
The algorithmic analysis of hybrid system Authors: R.Alur, C. Courcoubetis etc. Course teacher: Prof. Ugo Buy Xin Li, Huiyong Xiao Nov. 13, 2002 Summary What s a hybrid system? Definition of Hybrid Automaton
More informationUnifying Büchi Complementation Constructions
Unifying Büchi Complementation Constructions Seth Fogarty, Orna Kupferman 2, Moshe Y. Vardi, and Thomas Wilke 3 Department of Computer Science, Rice University 2 School of Computer Science and Engineering,
More informationA Polynomial Time Algorithm for Parsing with the Bounded Order Lambek Calculus
A Polynomial Time Algorithm for Parsing with the Bounded Order Lambek Calculus Timothy A. D. Fowler Department of Computer Science University of Toronto 10 King s College Rd., Toronto, ON, M5S 3G4, Canada
More informationTemporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.
EE 244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2016 Temporal logic Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE 244, Fall 2016
More informationAn Optimal Lower Bound for Nonregular Languages
An Optimal Lower Bound for Nonregular Languages Alberto Bertoni Carlo Mereghetti Giovanni Pighizzini Dipartimento di Scienze dell Informazione Università degli Studi di Milano via Comelico, 39 2035 Milano
More informationModel checking the basic modalities of CTL with Description Logic
Model checking the basic modalities of CTL with Description Logic Shoham Ben-David Richard Trefler Grant Weddell David R. Cheriton School of Computer Science University of Waterloo Abstract. Model checking
More informationComputational Logic. Davide Martinenghi. Spring Free University of Bozen-Bolzano. Computational Logic Davide Martinenghi (1/30)
Computational Logic Davide Martinenghi Free University of Bozen-Bolzano Spring 2010 Computational Logic Davide Martinenghi (1/30) Propositional Logic - sequent calculus To overcome the problems of natural
More informationCS 208: Automata Theory and Logic
CS 28: Automata Theory and Logic b a a start A x(la(x) y(x < y) L b (y)) B b Department of Computer Science and Engineering, Indian Institute of Technology Bombay of 32 Nondeterminism Alternation 2 of
More informationSome hierarchies for the communication complexity measures of cooperating grammar systems
Some hierarchies for the communication complexity measures of cooperating grammar systems Juraj Hromkovic 1, Jarkko Kari 2, Lila Kari 2 June 14, 2010 Abstract We investigate here the descriptional and
More informationA Unifying Approach for Multistack Pushdown Automata (Track B)
A Unifying Approach for Multistack Pushdown Automata (Track B) Salvatore La Torre 1, Margherita Napoli 1, Gennaro Parlato 2 1 Dipartimento di Informatica, Università degli Studi di Salerno, Italy 2 School
More informationProperty Checking of Safety- Critical Systems Mathematical Foundations and Concrete Algorithms
Property Checking of Safety- Critical Systems Mathematical Foundations and Concrete Algorithms Wen-ling Huang and Jan Peleska University of Bremen {huang,jp}@cs.uni-bremen.de MBT-Paradigm Model Is a partial
More information3-Valued Abstraction-Refinement
3-Valued Abstraction-Refinement Sharon Shoham Academic College of Tel-Aviv Yaffo 1 Model Checking An efficient procedure that receives: A finite-state model describing a system A temporal logic formula
More informationInfinitary Relations and Their Representation
Infinitary Relations and Their Representation DI, Laurent Mauborgne 1 École Normale Supérieure, 45 rue d Ulm, 75 23 Paris cedex 5, France Email: Laurent.Mauborgne@ens.fr WWW home page: http://www.di.ens.fr/~mauborgn/
More informationFinite-state Machines: Theory and Applications
Finite-state Machines: Theory and Applications Unweighted Finite-state Automata Thomas Hanneforth Institut für Linguistik Universität Potsdam December 10, 2008 Thomas Hanneforth (Universität Potsdam) Finite-state
More informationCDS 270 (Fall 09) - Lecture Notes for Assignment 8.
CDS 270 (Fall 09) - Lecture Notes for Assignment 8. ecause this part of the course has no slides or textbook, we will provide lecture supplements that include, hopefully, enough discussion to complete
More informationUses of finite automata
Chapter 2 :Finite Automata 2.1 Finite Automata Automata are computational devices to solve language recognition problems. Language recognition problem is to determine whether a word belongs to a language.
More informationDO FIVE OUT OF SIX ON EACH SET PROBLEM SET
DO FIVE OUT OF SIX ON EACH SET PROBLEM SET 1. THE AXIOM OF FOUNDATION Early on in the book (page 6) it is indicated that throughout the formal development set is going to mean pure set, or set whose elements,
More informationChapter 9: Relations Relations
Chapter 9: Relations 9.1 - Relations Definition 1 (Relation). Let A and B be sets. A binary relation from A to B is a subset R A B, i.e., R is a set of ordered pairs where the first element from each pair
More informationHKN CS/ECE 374 Midterm 1 Review. Nathan Bleier and Mahir Morshed
HKN CS/ECE 374 Midterm 1 Review Nathan Bleier and Mahir Morshed For the most part, all about strings! String induction (to some extent) Regular languages Regular expressions (regexps) Deterministic finite
More informationANTICHAINS FOR THE AUTOMATA-BASED APPROACH TO MODEL-CHECKING
Logical Methods in Computer Science Vol. 5 (:5) 2009, pp. 20 www.lmcs-online.org Submitted Aug. 3, 2007 Published Mar. 2, 2009 ANTICHAINS FOR THE AUTOMATA-BASED APPROACH TO MODEL-CHECKING LAURENT DOYEN
More informationFoundations of Informatics: a Bridging Course
Foundations of Informatics: a Bridging Course Week 3: Formal Languages and Semantics Thomas Noll Lehrstuhl für Informatik 2 RWTH Aachen University noll@cs.rwth-aachen.de http://www.b-it-center.de/wob/en/view/class211_id948.html
More informationMathematical Preliminaries. Sipser pages 1-28
Mathematical Preliminaries Sipser pages 1-28 Mathematical Preliminaries This course is about the fundamental capabilities and limitations of computers. It has 3 parts 1. Automata Models of computation
More informationRegularity Problems for Visibly Pushdown Languages
Regularity Problems for Visibly Pushdown Languages Vince Bárány 1, Christof Löding 1, and Olivier Serre 2 1 RWTH Aachen, Germany 2 LIAFA, Université Paris VII & CNRS, France Abstract. Visibly pushdown
More informationModel Checking of Safety Properties
Model Checking of Safety Properties Orna Kupferman Hebrew University Moshe Y. Vardi Rice University October 15, 2010 Abstract Of special interest in formal verification are safety properties, which assert
More informationA REACHABLE THROUGHPUT UPPER BOUND FOR LIVE AND SAFE FREE CHOICE NETS VIA T-INVARIANTS
A REACHABLE THROUGHPUT UPPER BOUND FOR LIVE AND SAFE FREE CHOICE NETS VIA T-INVARIANTS Francesco Basile, Ciro Carbone, Pasquale Chiacchio Dipartimento di Ingegneria Elettrica e dell Informazione, Università
More informationAutomata Theory for Presburger Arithmetic Logic
Automata Theory for Presburger Arithmetic Logic References from Introduction to Automata Theory, Languages & Computation and Constraints in Computational Logic Theory & Application Presented by Masood
More informationA Brief Introduction to Model Checking
A Brief Introduction to Model Checking Jan. 18, LIX Page 1 Model Checking A technique for verifying finite state concurrent systems; a benefit on this restriction: largely automatic; a problem to fight:
More informationThe priority promotion approach to parity games
The priority promotion approach to parity games Massimo Benerecetti 1, Daniele Dell Erba 1, and Fabio Mogavero 2 1 Università degli Studi di Napoli Federico II 2 Università degli Studi di Verona Abstract.
More informationSolving Fuzzy PERT Using Gradual Real Numbers
Solving Fuzzy PERT Using Gradual Real Numbers Jérôme FORTIN a, Didier DUBOIS a, a IRIT/UPS 8 route de Narbonne, 3062, Toulouse, cedex 4, France, e-mail: {fortin, dubois}@irit.fr Abstract. From a set of
More informationBoolean decision diagrams and SAT-based representations
Boolean decision diagrams and SAT-based representations 4th July 200 So far we have seen Kripke Structures 2 Temporal logics (and their semantics over Kripke structures) 3 Model checking of these structures
More informationDISTINGUING NON-DETERMINISTIC TIMED FINITE STATE MACHINES
DISTINGUING NON-DETERMINISTIC TIMED FINITE STATE MACHINES Maxim Gromov 1, Khaled El-Fakih 2, Natalia Shabaldina 1, Nina Yevtushenko 1 1 Tomsk State University, 36 Lenin Str.. Tomsk, 634050, Russia gromov@sibmail.com,
More informationPeter Wood. Department of Computer Science and Information Systems Birkbeck, University of London Automata and Formal Languages
and and Department of Computer Science and Information Systems Birkbeck, University of London ptw@dcs.bbk.ac.uk Outline and Doing and analysing problems/languages computability/solvability/decidability
More informationTransducers for bidirectional decoding of prefix codes
Transducers for bidirectional decoding of prefix codes Laura Giambruno a,1, Sabrina Mantaci a,1 a Dipartimento di Matematica ed Applicazioni - Università di Palermo - Italy Abstract We construct a transducer
More informationPropositional and Predicate Logic - V
Propositional and Predicate Logic - V Petr Gregor KTIML MFF UK WS 2016/2017 Petr Gregor (KTIML MFF UK) Propositional and Predicate Logic - V WS 2016/2017 1 / 21 Formal proof systems Hilbert s calculus
More informationRegular Expressions and Language Properties
Regular Expressions and Language Properties Mridul Aanjaneya Stanford University July 3, 2012 Mridul Aanjaneya Automata Theory 1/ 47 Tentative Schedule HW #1: Out (07/03), Due (07/11) HW #2: Out (07/10),
More informationA Lower Bound for the Size of Syntactically Multilinear Arithmetic Circuits
A Lower Bound for the Size of Syntactically Multilinear Arithmetic Circuits Ran Raz Amir Shpilka Amir Yehudayoff Abstract We construct an explicit polynomial f(x 1,..., x n ), with coefficients in {0,
More informationTecniche di Specifica e di Verifica. Automata-based LTL Model-Checking
Tecniche di Specifica e di Verifica Automata-based LTL Model-Checking Finite state automata A finite state automaton is a tuple A = (S,S,S 0,R,F) S: set of input symbols S: set of states -- S 0 : set of
More information